DEV Community

Yogita Sharma

Amazon Cognito

Understanding Amazon Cognito:
Cognito provides authentication, authorization, and user management for web and mobile apps. Users can sign in directly with a user name and password, or authenticate through a third party such as Facebook, Amazon, Google, or Apple. The main components of Cognito are:

  • User pools: These are user directories that enable sign-up and sign-in options for app users.
  • Identity pools: These are used to grant users access to other AWS services.

We can use identity pools and user pools separately or together. We can also synchronize data across devices (Cognito Sync).

User Pools:
A user pool is a user directory in Cognito.
Users can sign in to the web or mobile app through Cognito or federate through a third-party identity provider (IdP).
All members of the user pool have a directory profile accessible through an SDK.

User pool capabilities:

  • Sign up and sign in services
  • Built-in web interface to sign in users
  • Sign in with Facebook, Google, Amazon, and Apple, and through SAML/OIDC identity protocol-based providers from user pools.
  • Manage user directories and user profiles.
  • Use Lambda triggers to customize workflows and user migration.
  • Multi-factor authentication, checks for compromised credentials, account takeover protection, and phone and email verification.


Cognito Identity Pools:

  • Identity pools are used to obtain temporary credentials to access AWS services.
  • Identity pools support anonymous guest users as well as identity providers that can be used to authenticate users for identity pools: Cognito user pools; sign-in with Facebook, Google, Amazon, and Apple, and through SAML/OIDC identity protocol-based providers from the user pool; and developer authenticated identities.
  • To save user profile information, an identity pool needs to be integrated with a user pool.
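
The sketch below is an added example, not code from the original post: it shows a user pool and an identity pool used together, where the ID token from a user pool sign-in is exchanged for temporary AWS credentials through boto3's `cognito-identity` client. The function names, region, pool IDs and token are placeholders assumed for illustration; passing no `logins` requests a guest identity, which succeeds only if the identity pool allows unauthenticated access.

```python
"""Exchange a user pool sign-in for temporary AWS credentials (added example)."""


def user_pool_provider(region, user_pool_id):
    # Provider name under which an identity pool recognises a Cognito user pool.
    return f"cognito-idp.{region}.amazonaws.com/{user_pool_id}"


def get_temporary_credentials(client, identity_pool_id, logins=None):
    """Return (identity_id, credentials) using a cognito-identity client.

    logins maps provider name -> token. logins=None asks for a guest identity,
    so the IAM role attached to guests should be the most restricted one.
    """
    extra = {"Logins": logins} if logins else {}
    identity_id = client.get_id(IdentityPoolId=identity_pool_id, **extra)["IdentityId"]
    resp = client.get_credentials_for_identity(IdentityId=identity_id, **extra)
    creds = resp["Credentials"]
    return identity_id, {
        "aws_access_key_id": creds["AccessKeyId"],
        "aws_secret_access_key": creds["SecretKey"],
        "aws_session_token": creds["SessionToken"],
        "expires": creds["Expiration"],
    }


if __name__ == "__main__":
    import boto3  # requires network access and a real identity pool

    # All four values below are placeholders, not real identifiers.
    REGION = "us-east-1"
    USER_POOL_ID = "us-east-1_EXAMPLE"
    IDENTITY_POOL_ID = "us-east-1:00000000-0000-0000-0000-000000000000"
    ID_TOKEN = "<ID token returned by the user pool sign-in>"

    client = boto3.client("cognito-identity", region_name=REGION)
    logins = {user_pool_provider(REGION, USER_POOL_ID): ID_TOKEN}
    identity_id, creds = get_temporary_credentials(client, IDENTITY_POOL_ID, logins)

    # The credentials carry only the permissions of the IAM role that the
    # identity pool assigns to this identity, and they expire on their own.
    session_keys = {k: v for k, v in creds.items() if k != "expires"}
    s3 = boto3.client("s3", region_name=REGION, **session_keys)
    print(identity_id, "credentials expire at", creds["expires"])
```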

Cognito Sync:
It is a service and client library that provides cross-device syncing of application usage data.
We can synchronize user profile data across mobile devices and web apps without a custom backend.
Client libraries cache data locally, allowing the app to read and write data even when device connectivity varies.
When the device is online, we can synchronize data and, if push sync is enabled, notify other devices immediately that an update is available.
